On the Per-Computer Settings page, you create settings profiles that specify how often to install software on workstations and servers. You can also define settings to prevent tampering and unauthorized uninstallation of the software.
Settings vary for WatchGuard EPDR, WatchGuard EDR, and WatchGuard EPP. Throughout this documentation, WatchGuard Endpoint Security refers generally to all three products. If you do not see a setting in the Endpoint Security management UI, it is not supported by your product.
To configure a per-computer settings profile:
- In WatchGuard Cloud, select Configure > Endpoints.
- Select Settings.
- From the left pane, select Per-Computer Settings.
- Select an existing security settings profile to edit, copy an existing profile, or in the upper-right corner of the page, click Add to create a new profile.
The Add Settings or Edit Settings page opens.
- In the Name text box, type a name for the settings profile.
- (Optional) In the Description text box, type a brief description of the settings profile.
- Configure these settings, as required:
- Click Save.
The new settings profile displays in the list.
- Select the profile and assign recipients, if required.
For more information, see Assign a Settings Profile.
You can choose to show the WatchGuard icon in the system tray of computers where WatchGuard Endpoint Security is installed.
To show the WatchGuard icon in the system tray:
- Select Preferences.
- Enable the Show icon in the system tray toggle.
Configure the time and frequency of updates of the endpoint software.
Update options are not configurable for Android devices. For more information, see Configure Android Device Settings.
To configure updates to the endpoint security software:
- Select Updates.
- To automatically update the software on computers, enable the toggle.
Updates occur as soon as they are available unless you specify a day and time.
- Specify the time when the software can update:
- To apply updates to the software on managed computers during a specified time period, specify the Start Time and End Time.
- To allow updates to the software on managed computers at any time, select the Anytime check box.
- To specify the days on which to apply software updates, select an option from the Apply Updates Only on the Following Days list:
- Any Day — Applies updates when they are available, on any day of the week or month.
- Days of the Week — Select the days of the week to apply updates. You must select at least one day. When an update is available, it runs on the first day of the week that matches the selection.
- Days of the Month — In the Start Day and End Day boxes, select the days of the month between which to apply updates. When an update is available, it runs on the first day of the month that matches the selection.
- On the Following Days — In the From and To calendars, select the dates between which to apply updates. This update does not repeat.
From the If a Restart Is Necessary to Complete the Update Process list, select an option:
- Do Not Restart Automatically — A restart dialog box on the target computer prompts the user to restart the computer. The dialog box continues to open until the computer restarts.
- Automatically Restart Workstations Only — Computers automatically restart after the update completes. Servers do not restart automatically.
- Automatically Restart Servers Only — Servers automatically restart after the update completes. Computers do not restart automatically.
- Automatically Restart Workstations and Servers — Computers and servers automatically restart after the update completes.
Configure security against tampering to ensure that only authorized users can uninstall, disable, or uninstall WatchGuard Endpoint Security.
To configure security against tampering:
- Select Security Against Unauthorized Protection Tampering.
- To require the user on the client computer to enter a password to uninstall WatchGuard Endpoint Security, enable the Request Password to Uninstall the Protection from Computers toggle.
- To allow administrators to temporarily manage computer security settings from the endpoint software on the computer, enable the Allow the Protections to Be Temporarily Enabled/Disabled from the Computer's Local Console toggle.
- To prevent users and malware when they try to disable protection, enable the Enable Anti-Tamper Protection toggle.
For more information, see Enable a Password to Prevent Unauthorized Protection Tampering.
- If you enabled any of the toggles, enter the password the user must enter on the client computer in the Password Required to Perform Advanced Management Tasks Locally from your Computers text box.
If a computer loses its license because it is manually removed or because it expires or is canceled, the Anti-Tamper Protection and password-based uninstallation protection are disabled.
Shadow copies is a technology included in Windows computers that can create a snapshot of computer files, even when they are in use. From WatchGuard Endpoint Security, you can remotely interact with the Windows Shadow Copies service on the computers on the network. This feature is available for endpoints that run Windows Vista or Windows 2003 Server, and higher.
When enabled in WatchGuard Endpoint Security, Windows creates a shadow copy every 24 hours. WatchGuard Endpoint Security retains up to 7 copies at a given time. You cannot delete a shadow copy created by the software (WatchGuard EPDR, WatchGuard EDR, and WatchGuard EPP). To restore a backup, you must use the Windows Shadow Copies app on your computer.
To enable shadow copies for endpoints in WatchGuard Endpoint Security:
- Select Shadow Copies.
- Enable the Activate Windows Shadow Copies to Create a Backup of your Computer's Files Every Day toggle.
Windows creates shadow copies of your computer files. WatchGuard Endpoint Security retains up to 7 copies of a file.
- In the Maximum Space for Shadow Copies text box, enter a value between 5% and 20%.
By default, the value is set to 10%. We recommend a value between 5% and 20%. Shadow Copies makes sure that the set volume is not exceeded. This value has priority over other space settings established by the network administrator.